Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers for managed security and what to look for in a cloud provider can be found here.
In today’s workplace, employees are encouraged to find the most agile ways to accomplish business: this extends beyond using their own devices to work on from anywhere, anytime and at any place to now choosing which cloud services to use.
Why Bring Your Own Service Needs to be on Infosec’s Radar
In many instances, most of this happens with little IT engagement. In fact, according to a 2013 Fortinet Survey, Generation Y users are increasingly willing to skirt such policies to use their own devices and cloud services. Couple this user behavior with estimates from Cisco’s Global Cloud Index that by the year 2017, over two thirds of all data center traffic will be based in the cloud proves that cloud computing is undeniable and unstoppable.
With this information in mind, how should IT and InfoSec teams manage their company’s data when hundreds of instances of new cloud deployments happen each month without their knowledge?
Additionally, what provisions need to be in place to limit risks from data being stored, processed and managed by third parties?
Here are a few considerations for IT and InfoSec teams as they try to secure our world of many clouds:
This week Microsoft launched SQL Server 2014, their data management and business intelligence platform. SQL Server at Microsoft has grown tremendously over the years; it is far from its origins as a simple relational database that Microsoft licensed from Sybase years ago. For the 2014 version of SQL Server, Microsoft has focused on continuing their drive to deliver mission critical performance, use that performance to provide for heterogeneous data access and insight, and finally delivering a data platform for customer’s private and hybrid cloud solutions. At Cisco we believe that our Unified Data Center architecture provides an optimum compute, network, and management offering for your Microsoft SQL Server solutions:
Compute – Cisco’s Unified Computing System (UCS)
Our Cisco Unified Computing System (UCS) server family is an intelligent fabric-based computing infrastructure that simplifies operations and speeds application deployment in physical and cloud computing environments. UCS combines industry-standard x86 architecture blade and rack servers, networking, and enterprise-class management into a single cohesive system. UCS’s configuration is entirely programmable using unified, model-based management to simplify and accelerate deployment of Microsoft workloads, bare-metal or virtual, such as SQL Server 2014. Its unified I/O infrastructure uses a high-bandwidth, low-latency unified fabric to support networking, storage I/O, and management traffic. UCS unified fabric increases performance, security, and manageability by extending fabric directly to servers and virtual machines. UCS servers are 100% stateless, delivering a highly flexible server environment that allows for dynamic utilization of server hardware
Private Clouds are fundamentally challenging how modern data centers are acquiring and consuming IT. Nearly half of large enterprises polled have deployed a private cloud, its reasonable to say organizations are tackling head-on the key concerns of designing, building and deploying a private cloud today. The top challenges are security of data, control and efficient delivery of applications as cloud services; need to be compliant, need for in-house expertise and added upfront costs. Added to the challenges is the network that is becoming the remaining bottleneck to business agility after everything else gets virtualized and automated. SDN is the key component of any cloud computing strategy in making IT more agile and, therefore, more responsive to the needs of the business.
At that event, Chuck Crane, Lead Networking and Security Architect at Acxiom, shared the accelerating pace that his team is expected to deploy infrastructure in – from weeks down to hours with an astounding 20,000 network and security changes in their cloud infrastructure per year.
His DevOps teams are accelerating their deployment cycles from six months down to two week sprints so the IT organization must deliver new infrastructure services almost instantly. Chuck and the other customer discussions can be found at the 40 minute mark in this video of the event.
Cisco Application Centric Infrastructure (ACI) solves not only the technical challenges but also delivers the operational, service-level, and financial business improvements that help organizations become world class service oriented IT organizations. ACI gives IT leaders the ability to manage even the most complex private cloud environments more easily and transparently.
The architecture provides a common programmable automation and management framework for network, application, security, and virtualization teams. This framework makes IT more agile while reducing application deployment time. In short, Cisco ACI enables a world class service oriented IT organization by coordinating application, network and security teams to maximize the benefits of a policy-driven data center that support open, standard controller APIs to maximize flexibility and minimize lock-in. In other words, ACI enables the IT to be more strategic in streamlining the IT resources and to act like an internal service provider, essentially “running IT as a business”.
In this week’s episode, Nils Swart (@NLNils) and Stace Hipperson (@stacehipperson) discuss how data becomes information via Open Daylight. Have they whiteboarded network engineer nirvana? Watch and see. More data!
This is in fact unicorns in a distance. Foiled again:
Stace Hipperson and Nils Swart own their unicorns.
This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:
Episodes will publish weekly (or as close to it as we can manage)
The industry has been buzzing over the past years around Next Generation of Software Defined and Application Centric networks. If you missed that, it means that you were probably on planet …Zircon (?).
In his recent blog, Colin Lynch @UCSguru and Cisco Champion talks about the skills that network engineers will need in order to design, support and deploy these new networks.
Colin designs and deploys large data centers for a Gold Partner in the UK, and is CCIE#7064 as well as holding certifications in VMware, EMC and NetApp. His Blog is http://ucsguru.com which covers all Datacenter topics but focuses on Cisco UCS. Recently Colin participated to a lively Cisco Champion podcast with Insieme/Cisco Joe Onisick @jonisick on ACI and Nexus 9000.
When recognizing that the traditional networks will not go away overnight , giving ample room for people with the current skill sets, Colin explains what he sees happening, and the course of actions he already took . “I’m certainly no programmer, but I see having basic programming competency as the next skill required to remain in that band of “High Demand” networking professionals.” A reality that many other network engineers start to embrace
A reality that Cisco CTO Padmasree Warrior @padmasree emphasized at a recent NPR broadcast for the Commonwealth Club of California, as she highlighted the importance for the new generation of professionals to learn a programming language . Listen to Padmasree’s speech on “The Business of Innovation : Today and Tomorrow”
Without necessary being amongst those who tend to think “that not being able to code could well be the next definition of literacy” as Colin questions in his blog , more and more network engineers seems to take this steps , including Bill Carter @billyc5022 , who shared also his new skill sets in a recent blog Cisco is bringing together networking and programming .
To better understand Colin’s point of view and discover what are his first steps to be ready for this new breed of networks, read his blog The “Next Gen” Network Engineer” . Tell us what are your first steps , if any.
You may want also to check this video with Colin debating with Hal Rotenberg @harl9000 on the very same topic ”ACI and Traditional Networking”